An Unsupervised Network Intrusion Detection Based on Anomaly Analysis
In this paper, an novel unsupervised intrusion detection method is presented, in which the anomalies was specified by choosing a reference measure μwhich determines a density and a level valueρ. In order to reveal the relationship between the distribution of connection feature data sets and the reference measure μ, we proposed a new method to design SVM classifier based on RBF core, and apply this algorithm to estimate density level set for the data set, through which the anomaly network connections have been detected. Experimental results on the real network data set showed that the new method is competitive with others in that the false alarm rate is kept low without many missed detections.
Jiang Zhong Xiongbing Deng Luosheng Wen Yong Feng
College of Computer Science and technology, Chongqing University, Chongqing, 400039 College of Mathematics and Physics, Chongqing University, Chongqing, 400039
国际会议
长沙
英文
1319-1322
2009-10-10(万方平台首次上网日期,不代表论文的发表时间)